Tag Archive for: keys

Facebook expands 2FA with hardware security keys for mobile


Two-factor authentication when logging in to a new or unfamiliar device is a must nowadays. A lot of people have used SMS as their default 2FA, but security experts are saying it’s not as secure as you think since numbers can be cloned. Hardware security keys are probably one of the most secure options out there, and now Facebook is expanding its support for them by letting you log in to the Facebook app on your mobile device using one as your 2FA.

In case you’ve been living under a digital rock and don’t know what 2FA is, it’s a security feature that you should enable in all your accounts that support it. When you log in to a site or an app like Facebook, aside from entering your password, you will also have to pass a second security check. Most people use an SMS code or an Authenticator app. A hardware security key is a physical device that is small enough to fit on your keychain and is used for 2FA to verify it’s really you logging in.

Facebook says that since 2017, they have strongly recommended the use of hardware security keys to users that are at high risk of being hacked, like celebrities, politicians, public figures, journalists, or anyone that deals in possibly controversial work. Now they are encouraging everyone who wants to keep their account more secure to use one, by expanding support to mobile apps. This way, if you’re signing in from a device that Facebook is seeing for the first time, they can make sure it’s really you.

You can enroll your physical security key by going to the Security and Login section of your settings and setting it up in the two-factor authentication section. If you’re using any new device to sign in, you’ll be notified that someone is accessing your account from a browser or mobile device that Facebook doesn’t recognize. You’ll be asked to confirm that it’s really you with your key. And if a would-be hacker is the one trying to get access, they won’t have your key to confirm.

Facebook is not selling hardware security keys, but there are several companies selling them. You can connect one to your smartphone either through Bluetooth or by plugging it in directly.


Ziggy ransomware shuts down and releases victims’ decryption keys



The Ziggy ransomware operation has shut down and released the victims’ decryption keys after concerns about recent law enforcement activity and guilt for encrypting victims.

Over the weekend, security researcher M. Shahpasandi told BleepingComputer that the Ziggy Ransomware admin announced on Telegram that they were shutting down their operation and would be releasing all of the decryption keys.

Shut down announcement by Ziggy admin

In an interview with BleepingComputer, the ransomware admin said they created the ransomware to generate money as they live in a “third-world country.”

Feeling guilty about their actions and concerned over recent law enforcement operations against Emotet and Netwalker ransomware, the admin decided to shut down and release all of the keys.

Today, the Ziggy ransomware admin posted a SQL file containing 922 decryption keys for encrypted victims. For each victim, the SQL file lists three keys needed to decrypt their encrypted files.

SQL file containing Ziggy decryption keys

The ransomware admin also posted a decryptor [VirusTotal] that victims can use with the keys listed in the SQL file.

Ziggy ransomware decryptor

In addition to the decryptor and the SQL file, the ransomware admin shared the source code for a different decryptor with BleepingComputer that contains offline decryption keys.

Ransomware uses offline decryption keys for victims who were infected while not connected to the Internet or while the command and control server was unreachable.

Source code for different Ziggy ransomware decryptor

The ransomware admin also shared these files with ransomware expert Michael Gillespie who told BleepingComputer that Emsisoft would be releasing a decryptor soon.

“The release of the keys, whether voluntarily or involuntarily, is the best possible outcome. It means past victims can recover their data without needing to pay the ransom or use the dev’s decryptor, which could contain a backdoor and/or bugs. And, of course, it also means there’s one less ransomware group to worry about.”

“The recent arrest of individuals associated with the Emotet and Netwalker operation could be causing some actors to get cold feet. If so, we…


12k+ Android apps contain master passwords, secret access keys, secret commands – ZDNet


Intel SGX is vulnerable to an unfixable flaw that can steal crypto keys and more


For the past 26 months, Intel and other CPU makers have been assailed by Spectre, Meltdown, and a steady flow of follow-on vulnerabilities that make it possible for attackers to pluck passwords, encryption keys, and other sensitive data out of computer memory. On Tuesday, researchers disclosed a new flaw that steals information from Intel’s SGX, short for Software Guard eXtensions, which acts as a digital vault for securing users’ most sensitive secrets.

On the surface, Line Value Injection, as researchers have named their proof-of-concept attacks, works in ways similar to the previous vulnerabilities and accomplishes the same thing. All of these so-called transient-execution flaws stem from speculative execution, an optimization in which CPUs attempt to guess future instructions before they’re called. Meltdown and Spectre were the first transient execution exploits to become public. Attacks named ZombieLoad, RIDL, Fallout, and Foreshadow soon followed. Foreshadow also worked against Intel’s SGX.

Breaking the vault

By getting a vulnerable system to run either JavaScript stored on a malicious site or code buried in a malicious app, attackers can exploit a side channel that ultimately discloses cache contents that belong to other apps and should normally be off limits. This latest vulnerability, which like other transient-execution flaws can only be mitigated and not patched, gives way to exploits that completely upend a core confidentiality guarantee of SGX.


Biz & IT – Ars Technica